Title:
Methods and systems to implement fingerprint lookups across remote agents
United States Patent 9473512


Abstract:
The present invention provides methods and systems to protect an organization's secure information from unauthorized disclosure. The present system uses protect agents installed across various egress points (e.g., email server, user's computer, etc.) to monitor information disclosed by a user. The present system also provides the use of fingerprint servers to remotely maintain a database of fingerprints associated with the organization's secure data. In one embodiment, the protect agents transmit fingerprints associated with the user's information to the fingerprint server utilizing a local network or the public internet. The protect agents then receive a comparison analysis from the fingerprint servers and execute appropriate security action based on the analysis. In one embodiment, a combination of the local network and public internet is utilized to achieve remote agent lookups.



Inventors:
More, Scott (Tokyo, JP)
Beyer, Ilya (San Mateo, CA, US)
Sweeting, Daniel Christopher John (Hornchurch, GB)
Application Number:
12/209096
Publication Date:
10/18/2016
Filing Date:
09/11/2008
Assignee:
Workshare Technology, Inc. (San Francisco, CA, US)
Primary Class:
1/1
International Classes:
G06F7/04; G06F21/55; H04L29/06
Field of Search:
726/26
View Patent Images:
US Patent References:
8977697Methods and systems for removing metadata from an electronic document attached to a message sent from a mobile electronic deviceMarch, 2015Massand
20150033283System and Method for Securing Documents Prior to TransmissionJanuary, 2015Mulder
20140281872System for Tracking Changes in a Collaborative Document Editing EnvironmentSeptember, 2014Glover
8839100Updating information related to data set changesSeptember, 2014Orofino, II
20140115066Systems and Methods for Creating and Displaying an Electronic Communication DigestApril, 2014Massand
8670600Methods and systems for image fingerprintingMarch, 2014More
8635295Methods and systems for monitoring documents exchanged over email applicationsJanuary, 2014Mulder
8620020Methods and systems for preventing unauthorized disclosure of secure information using image fingerprintingDecember, 2013More
20130290867Systems and Methods For Providing Dynamic and Interactive Viewing and Control of ApplicationsOctober, 2013Massand
8555080Methods and systems for protect agents using distributed lightweight fingerprintsOctober, 2013More et al.
20130254536SECURE SERVER SIDE ENCRYPTION FOR ONLINE FILE SHARING AND COLLABORATIONSeptember, 2013Glover
20130246901SYSTEM AND METHOD FOR SYNCHRONIZING BI-DIRECTIONAL DOCUMENT MANAGEMENTSeptember, 2013Massand
8478995Method of encrypting and transferring data between a sender and a receiver using a networkJuly, 2013Alculumbre
8473847Methods and systems for comparing presentation slide decksJune, 2013Glover
8471781System and method for the auto-detection and presentation of pre-set configurations for multiple monitor layout displayJune, 2013Massand
20130097421Protecting Information Using Policies and EncryptionApril, 2013Lim
20130074198METHODS AND SYSTEMS TO FINGERPRINT TEXTUAL INFORMATION USING WORD RUNSMarch, 2013More
20130074195METHODS AND SYSTEMS FOR INCREASING THE SECURITY OF ELECTRONIC MESSAGESMarch, 2013Johnston et al.
8406456Methods and systems for image fingerprintingMarch, 2013More
8381104Systems and methods for providing context recognitionFebruary, 2013Massand
20120324369METHOD AND SYSTEM FOR SHARED DOCUMENT APPROVALDecember, 2012Safa
20120317479METHOD AND SYSTEM FOR SHARED DOCUMENT EDITING ON A MOBILE DEVICEDecember, 2012Safa
20120317414METHOD AND SYSTEM FOR SECURING DOCUMENTS ON A REMOTE SHARED STORAGE RESOURCEDecember, 2012Glover
8326814Web-based file management system and serviceDecember, 2012Ghods
20120265817METHOD FOR MANAGING E-MAIL ATTACHMENTS IN AN EMAIL IN AN EMAIL APPLICATIONOctober, 2012Vidalenc et al.
8286171Methods and systems to fingerprint textual information using word runsOctober, 2012More et al.
8286085Attachment suggestion technologyOctober, 2012Denise
20120173881Method & Apparatus for Remote Information Capture, Storage, and RetrievalJuly, 2012Trotter
8233723Image categorization based on comparisons between imagesJuly, 2012Sundaresan
8201254Detection of e-mail threat accelerationJune, 2012Wilhelm et al.
8196030System and method for comparing and reviewing documentsJune, 2012Wang et al.
20120136952METHODS AND SYSTEMS FOR MONITORING DOCUMENTS EXCHANGED OVER EMAIL APPLICATIONSMay, 2012Mulder
20120136951METHODS AND SYSTEMS FOR MONITORING DOCUMENTS EXCHANGED OVER EMAIL APPLICATIONSMay, 2012Mulder
20120136862SYSTEM AND METHOD FOR PRESENTING COMPARISONS OF ELECTRONIC DOCUMENTSMay, 2012Glover
20120133989SYSTEM AND METHOD FOR PROVIDING A COMMON FRAMEWORK FOR REVIEWING COMPARISONS OF ELECTRONIC DOCUMENTSMay, 2012Glover
20120131635METHOD AND SYSTEM FOR SECURING DATAMay, 2012Huapaya
20120110092EMAIL THREAD MONITORING AND AUTOMATIC FORWARDING OF RELATED EMAIL MESSAGESMay, 2012Keohane et al.
8181036Extrusion detection of obfuscated contentMay, 2012Nachenberg
8140513Methods and systems for open source collaboration in an application service provider environmentMarch, 2012Ghods et al.
20120016867Displaying changes to versioned filesJanuary, 2012Clemm et al.
20120011361PROTECTING SENSITIVE EMAILJanuary, 2012Guerrero et al.
20110283177On-line document approval management systemNovember, 2011Gates et al.
20110276658Systems and Methods for a Bidirectional Multi-Function Communication ModuleNovember, 2011Massand
8060575Methods and systems for managing metadata in email attachments in a network environmentNovember, 2011Massand
8042112Scheduler for search engine crawlerOctober, 2011Zhu et al.
8005277Secure fingerprint matching by hashing localized informationAugust, 2011Tulyakov et al.
7991751Method and a system for information identificationAugust, 2011Peled
20110154180USER-SPECIFIC DIGITAL DOCUMENT ANNOTATIONS FOR COLLABORATIVE REVIEW PROCESSJune, 2011Evanitsky et al.
20110145229INDEXING AND SEARCHING PRODUCT IDENTIFIERSJune, 2011Vailaya et al.
20110141521PRESERVING USER APPLIED MARKINGS MADE TO A HARDCOPY ORIGINAL DOCUMENTJune, 2011Qiao
20110107106File-Distribution Apparatus and Recording Medium Having File-Distribution Authorization Program Recorded ThereinMay, 2011Morii et al.
7941844Information processing apparatus and control method thereofMay, 2011Anno
7903822Method and system for establishing a trusted and decentralized peer-to-peer networkMarch, 2011Hair et al.
20110029625METHOD AND SYSTEM FOR PROCESSING EMAIL ATTACHMENTSFebruary, 2011Cheng et al.
7895276Method of managing metadata in attachments to e-mails in a network environmentFebruary, 2011Massand
7890752Methods, systems, and computer program products for associating an originator of a network packet with the network packet using biometric informationFebruary, 2011Bardsley et al.
7877790System and method of using personal dataJanuary, 2011Vishik et al.
20100332682UPDATING MULTIPLE COMPUTING DEVICESDecember, 2010Sharp et al.
7857201Method and system for selectionDecember, 2010Silverbrook et al.
20100299727METHODS AND SYSTEMS FOR EXACT DATA MATCH FILTERINGNovember, 2010More et al.
20100287246SYSTEM FOR PROCESSING ELECTRONIC MAIL MESSAGES WITH SPECIALLY ENCODED ADDRESSESNovember, 2010Klos et al.
7844116Method for identifying images after croppingNovember, 2010Monga
20100257352SYSTEMS AND METHODS FOR SECURE AND CERTIFIED ELECTRONIC MESSAGINGOctober, 2010Errico
7818678Collaborative document development and review systemOctober, 2010Massand
20100251104SYSTEM AND METHOD FOR REFLOWING CONTENT IN A STRUCTURED PORTABLE DOCUMENT FORMAT (PDF) FILESeptember, 2010Massand
7796309Integrating analog markups with electronic documentsSeptember, 2010Sadovsky et al.
7788235Extrusion detection using taint analysis2010-08-31Yeo
20100217987Document Security Management SystemAugust, 2010Shevade
20100174761Reducing Email Size by Using a Local Archive of Email ComponentsJuly, 2010Longobardi et al.
7730175Systems and methods for identifying the services of a network2010-06-01Roesch et al.
7720256Idenitfication tag for postal objects by image signature and associated mail handling2010-05-18Desprez et al.
20100124354METHODS AND SYSTEMS FOR IMAGE FINGERPRINTINGMay, 2010More
20100114991MANAGING THE CONTENT OF SHARED SLIDE PRESENTATIONSMay, 2010Chaudhary et al.
20100114985MANAGING THE CONTENT OF SHARED SLIDE PRESENTATIONSMay, 2010Chaudhary et al.
7694336Aggregated authenticated identity apparatus for and method therefor2010-04-06Rinkevich et al.
7680785Systems and methods for inferring uniform resource locator (URL) normalization rules2010-03-16Najork
7673324Method and system for tracking an operating performed on an information asset with metadata associated therewith2010-03-02Tirosh et al.
20100076985CLASSIFICATION OF AMBIGUOUS GEOGRAPHIC REFERENCESMarch, 2010Egnor
20100070448SYSTEM AND METHOD FOR KNOWLEDGE RETRIEVAL, MANAGEMENT, DELIVERY AND PRESENTATIONMarch, 2010Omoigui
20100064372METHODS AND SYSTEMS TO IMPLEMENT FINGERPRINT LOOKUPS ACROSS REMOTE AGENTSMarch, 2010More et al.
20100017850METHODS AND SYSTEMS TO FINGERPRINT TEXTUAL INFORMATION USING WORD RUNSJanuary, 2010More et al.
20100017478DYNAMIC GROUPING OF EMAIL RECIPIENTSJanuary, 2010Mejia et al.
20100017404Method and Apparatus to Elegantly and Automatically Track Emails and its Attachments for Enhanced User ConvenienceJanuary, 2010Banerjee et al.
20100011077DELIVERY OF EMAIL MESSAGES WITH REPETITIVE ATTACHMENTSJanuary, 2010Shkolnikov et al.
7627613Duplicate document detection in a web crawler system2009-12-01Dulitz et al.
7624447Using threshold lists for worm detection2009-11-24Horowitz et al.726/23
7613770On-demand file transfers for mass P2P file sharing2009-11-03Li
20090271620TECHNIQUES FOR SECURE DATA MANAGEMENT IN A DISTRIBUTED ENVIRONMENTOctober, 2009Sudhakar
20090241187METHOD AND SYSTEM FOR PROTECTION AGAINST INFORMATION STEALING SOFTWARESeptember, 2009Troyansky
20090235706Method For Rolling A Sheet Metal StripSeptember, 2009Broussard et al.
20090234863METHOD AND APPARATUS FOR PREDICTIVE DOWNLOADING OF ATTACHMENTSSeptember, 2009Evans
20090222450SYSTEM AND A METHOD FOR TRANSFERRING EMAIL FILE ATTACHMENTS OVER A TELECOMMUNICATION NETWORK USING A PEER-TO-PEER CONNECTIONSeptember, 2009Zigelman
20090216843SYSTEM AND METHOD FOR COLLABORATIVE EMAIL REVIEWAugust, 2009Willner et al.
7564997System and method of hash string extraction2009-07-21Hamid
20090183257PREVENTING SECURE DATA FROM LEAVING THE NETWORK PERIMETERJuly, 2009Prahalad
20090177754Presentation of Organized Personal and Public Data Using Communication MediumsJuly, 2009Brezina et al.
20090164427AUTOMATED FORENSIC DOCUMENT SIGNATURESJune, 2009Shields et al.
20090129002COMPUTER ENCLOSURE ADAPTED FOR MOUNTING DIFFERENT TYPES OF TRANSFER CARDSMay, 2009Wu et al.
20090094530METHOD AND SYSTEM FOR REVIEWING A COMPONENT REQUIREMENTS DOCUMENT AND FOR RECORDING APPROVALS THEREOFApril, 2009Champlain et al.
20090083384Collaborative Email With Hierachical Signature AuthorityMarch, 2009Bhogal et al.
20090070128Community-based community project content creation system and methodMarch, 2009McCauley et al.
20090064326METHOD AND A SYSTEM FOR ADVANCED CONTENT SECURITY IN COMPUTER NETWORKSMarch, 2009Goldstein
7496841Method and system for document collaboration2009-02-24Hadfield
20090034804SECURITY METHOD AND SYSTEM USING TOUCH SCREEN2009-02-05Cho et al.382/116
20090052778Electronic Annotation Of Documents With Preexisting ContentFebruary, 2009Edgecomb et al.
20090037520System and method for secure file transferFebruary, 2009Loffredo
20090030997Method and Apparatus for Minimizing Storage of Common Attachment Files in an E-Mail Communications ServerJanuary, 2009Malik
20090019051UBIQUITOUS DOCUMENT ROUTING ENFORCEMENTJanuary, 2009Winburn
20080320316Selective Encryption System and Method for I/O OperationsDecember, 2008Waldspurger et al.
20080310624Encryption Apparatus and Method for Providing an Encrypted File SystemDecember, 2008Celikkan
20080306894Computer-implemented methods and systems for identifying and reporting deviations from standards and policies for contracts, agreements and other business documentsDecember, 2008Rajkumar et al.
7454778Enforcing rights management through edge email servers2008-11-18Pearson et al.
7434164User interface for adaptive document layout via manifold content2008-10-07Salesin et al.
20080263363Portable Data Encryption Device with Configurable Security Functionality and Method for File EncryptionOctober, 2008Jueneman et al.
20080235760Confidential Content Reporting System and Method with Electronic Mail Verification FunctionalitySeptember, 2008Broussard
20080219495Image ComparisonSeptember, 2008Hulten et al.
20080209001Media approval method and apparatusAugust, 2008Boyle et al.
20080178076METHOD AND APPARATUS FOR SPELLCHECKING ELECTRONIC DOCUMENTSJuly, 2008Kritt et al.
7356704Aggregated authenticated identity apparatus for and method therefor2008-04-08Rinkevich et al.
20080080515MARKER FOR COMMUNICATION SYSTEMS CONSISTING OF MULTIPLE SIP SERVERS2008-04-03Tombroff et al.370/394
20080094370Portable Electronic Device Performing Similar Operations for Different GesturesApril, 2008Ording et al.
20080082930Portable Multifunction Device, Method, and Graphical User Interface for Configuring and Displaying WidgetsApril, 2008Omernick et al.
20080082529Comparing TaxonomiesApril, 2008Mantena et al.
7353455Caller initiated distinctive presence alerting and auto-response messaging2008-04-01Malik
20080046518Enhanced E-Mail SystemFebruary, 2008Tonnison et al.
20080040388Methods and systems for tracking document lineageFebruary, 2008Petri et al.
20080033913Techniques for Preventing Insider Theft of Electronic DocumentsFebruary, 2008Winburn
7321864System and method for providing funding approval associated with a project based on a document collection2008-01-22Gendler
20080028017SYSTEM AND METHOD FOR DISTRIBUTING EMAIL ATTACHMENTSJanuary, 2008Garbow et al.
20070294612Comparing and Managing Multiple PresentationsDecember, 2007Drucker et al.
20070294318Method, System, and Apparatus for Auditing, Tracking, or Inspection of Data, Objects, or Their Corresponding ModificationsDecember, 2007Arora et al.
7299504System and method for implementing security management using a database-modeled security policy2007-11-20Tiller et al.
20070261112Network Security DeviceNovember, 2007Todd et al.
20070253608Secure fingerprint matching by hashing localized informationNovember, 2007Tulyakov et al.
20070220068ELECTRONIC DOCUMENT AND BUSINESS PROCESS CONTROLSeptember, 2007Thompson et al.
20070192728Method for dynamic document navigationAugust, 2007Finley et al.
7240207Fingerprinting media entities employing fingerprint algorithms and bit-to-bit comparisons2007-07-03Weare
20070156785Method and system for revising manualsJuly, 2007Hines et al.
7233686Method and system for hash string extraction from biometric data2007-06-19Hamid
20070141641Compositions & methods for reformulating biological membranes for arraysJune, 2007Fang
20070118598Collaborative editing of a documentMay, 2007Bedi et al.
20070112930Method and system for managing storage on a shared storage spaceMay, 2007Foo et al.
20070112854Apparatus and method for automatic generation and distribution of documentsMay, 2007Franca
20070101413System and method of using personal dataMay, 2007Vishik et al.
20070101154Methods, systems, and computer program products for associating an originator of a network packet with the network packet using biometric informationMay, 2007Bardsley et al.
20070100991Method and program product for tracking a file attachment in an e-mailMay, 2007Daniels et al.
7212955Consumer product status monitoring2007-05-01Kirshenbau et al.
20070027830Dynamic content development based on user feedbackFebruary, 2007Simons et al.
20070025265Method and apparatus for wireless network securityFebruary, 2007Porras et al.
20070011211AUDITING AND TRACKING CHANGES OF DATA AND CODE IN SPREADSHEETS AND OTHER DOCUMENTSJanuary, 2007Reeves
20070005589METHOD AND APPARATUS FOR DOCUMENT CLUSTERING AND DOCUMENT SKETCHINGJanuary, 2007Gollapudi
7152019Systems and methods for sensor-based computing2006-12-19Tarantola et al.
20060294469Storage and utilization of slide presentation slidesDecember, 2006Sareen et al.
20060294468Storage and utilization of slide presentation slidesDecember, 2006Sareen et al.
20060271947Creating fingerprints2006-11-30Lienhart et al.725/19
20060261112ATV mounting bracket and associated methodsNovember, 2006Gates et al.
20060259949Policy based composite file system and methodNovember, 2006Schaefer et al.
20060259524Systems and methods for document project management, conversion, and filingNovember, 2006Horton
20060236246On-line slide kit creation and collaboration systemOctober, 2006Bono et al.
20060224589Method and apparatus for handling messages containing pre-selected dataOctober, 2006Rowney
7113615Watermark embedder and reader2006-09-26Rhoads et al.
7107518Automating a document review cycle2006-09-12Ramaley et al.
20060218643Systems and methods for manipulating rights management dataSeptember, 2006DeYoung
20060218004ON-LINE SLIDE KIT CREATION AND COLLABORATION SYSTEMSeptember, 2006Dworkin et al.
20060190493System and method for identifying and categorizing messages extracted from archived message storesAugust, 2006Kawai et al.
20060184505Method and system for compression of files for storage and operation on compressed filesAugust, 2006Kedem
20060171588Scalable hash-based character recognitionAugust, 2006Chellapilla et al.
20060129627Internet-based shared file service with native PC client access and semantics and distributed version controlJune, 2006Phillips
20060129592Actionable email documentsJune, 2006Poozhiyil et al.
20060112120Method, system, and computer program product for threading documents using body text analysisMay, 2006Rohall
20060098850Method of hash string extractionMay, 2006Hamid
7035427Method and system for managing, accessing and paying for the use of copyrighted electronic media2006-04-25Rhoads
20060069740Information distribution system, information acquistion device, information distribution server, information reproduction device, information reproduction method, information distribution control method, information distribution control program, and computer readable recording mediumMarch, 2006Ando
20060069605Workflow association in a collaborative applicationMarch, 2006Hatoun
20060067578Slide contents processor, slide contents processing method, and storage medium storing programMarch, 2006Fuse
20060064717Information processing device, information processing method and program thereforMarch, 2006Shibata et al.
20060059196Bit string check method and deviceMarch, 2006Sato et al.
20060050937Method of hash string extractionMarch, 2006Hamid
20060005247Method and system for detecting when an outgoing communication contains certain content2006-01-05Zhang726/26
20060021031Method and system for preventing fraudulent activitiesJanuary, 2006Leahy et al.
20060020520Systems and methods for processing electronic documents in a computer networkJanuary, 2006Lange et al.
20060013393Single sign-on processJanuary, 2006Ferchichi et al.
20050268327Enhanced electronic mail security system and methodDecember, 2005Starikov
20050251748System and method for viewing and editing multi-value propertiesNovember, 2005Gusmorino et al.
6918082Electronic document proofing system2005-07-12Gross
20050138540Systems and methods for user-specific document change highlightingJune, 2005Baltus et al.
20050123137Means for providing protecting for digital assetsJune, 2005McCallum
20050086525Method, system and program product for approving item requestsApril, 2005Cirulli et al.
20050055306User-defined dynamic collaborative environmentsMarch, 2005Miller et al.
20050027704Method and system for assessing relevant properties of work contexts for use by information servicesFebruary, 2005Hammond et al.
20050021637Electronic mail control systemJanuary, 2005Cox
20040261016SYSTEM AND METHOD FOR ASSOCIATING STRUCTURED AND MANUALLY SELECTED ANNOTATIONS WITH ELECTRONIC DOCUMENT CONTENTSDecember, 2004Glass et al.
20040187076Redirection technique based control method for internet contents providing services and control system for the sameSeptember, 2004Ki
20040186851Methods and systems for email attachment distribution and managementSeptember, 2004Jhingan et al.
20040122659Tool and method for managing web pages in different languagesJune, 2004Hourihane et al.
6738762Multidimensional substring selectivity estimation using set hashing of cross-counts2004-05-18Chen et al.
20040002049Computer network-based, interactive, multimedia learning system and processJanuary, 2004Beavers et al.
6662212Synchronization of a virtual workspace using E-mail extensions2003-12-09Chandhok et al.
6658626User interface for displaying document comparison information2003-12-02Aiken
20030233419Enhanced email management systemDecember, 2003Beringer
20030223624Method and apparatus for hashing dataDecember, 2003Hamid
20030196087Ad hoc secure access to documents and servicesOctober, 2003Stringer et al.
20030191799Apparatus and accompanying methods for providing, through a centralized server site, a secure, cost-effective, web-enabled, integrated virtual office environment remotely accessible through a network-connected web browserOctober, 2003Araujo et al.
6614789Method of and apparatus for matching strings of different lengths2003-09-02Yazdani et al.
20030158839System and method for determining relevancy of query responses in a distributed network search mechanismAugust, 2003Faybishenko et al.
20030147267Method and apparatus for encrypting dataAugust, 2003Huttunen
6596030Identifying changes in on-line data repositories2003-07-22Ball et al.
6594662Method and system for gathering information resident on global computer networks2003-07-15Sieffert et al.
6591289Method of delivering formatted documents over a communications network2003-07-08Britton
20030131005Method and apparatus for automatic pruning of search engine indicesJuly, 2003Berry
6584466Internet document management system and methods2003-06-24Serbinis et al.
20030121008Method and system for producing an ordered compilation of information with more than one author contributing information contemporaneouslyJune, 2003Tischer
20030115273Method of managing attached documentJune, 2003Delia et al.
20030112273Document collaboration suite using a common databaseJune, 2003Hadfield et al.
6560620Hierarchical document comparison system and method2003-05-06Ching
20030097454Switching method and switch deviceMay, 2003Yamakawa et al.
20030093755Document processing system and methodMay, 2003Ramakrishnan
6556982Method and system for analyzing and classifying electronic information2003-04-29McGaffey et al.
6547829Method and system for detecting duplicate documents in web crawls2003-04-15Meyerzon et al.
20030061260Resource reservation and priority managementMarch, 2003Rajkumar
20030046639Method and systems for facilitating creation, presentation, exchange, and management of documents to facilitate business transactionsMarch, 2003Fai et al.
20030046572Cryptographic infrastructure for encrypting a databaseMarch, 2003Newman et al.
20030037010Copyright detection and protection system and methodFebruary, 2003Schmelzer
6513050Method of producing a checkpoint which describes a box file and a method of generating a difference file defining differences between an updated file and a base file2003-01-28Williams et al.
6505237Method and system for management of message attachments2003-01-07Beyda et al.
20030009518Method and apparatus for peer-to-peer servicesJanuary, 2003Harrow et al.
20020164058Remote authentication of fingerprints over an insecure networkNovember, 2002Aggarwal et al.
20020159239PC card2002-10-31Amie et al.361/737
20020138744Method and system for providing a secure peer-to peer file delivery network2002-09-26Schleicher713/187
6449624Version control and audit trail in a process control system2002-09-10Hammack et al.
20020136222Systems and methods for updating IP communication service attributes using an LDAPSeptember, 2002Robohm
20020129062Apparatus and method for cataloging dataSeptember, 2002Luparello
20020120648Identifying changes in on-line data repositoriesAugust, 2002Ball et al.
6424966Synchronizing crawler with notification source2002-07-23Meyerzon et al.
6418453Network repository service for efficient web crawling2002-07-09Kraft et al.
6418433System and method for focussed web crawling2002-07-09Chakrabarti et al.
20020099602Method and system to provide web site schedulesJuly, 2002Moskowitz et al.
20020087515Data acquisition systemJuly, 2002Swannack et al.
6404446Multi-node user interface component and method thereof for use in displaying visual indication of search results2002-06-11Bates et al.
20020073188Method and apparatus for partitioning system management information for a server farm among a plurality of leaseholdsJune, 2002Rawson
20020065848Simultaneous multi-user document editing systemMay, 2002Walker et al.
20020065827Method and apparatus for workgroup information replicationMay, 2002Christie et al.
20020063154Security system database managementMay, 2002Hoyos et al.
20020052928Computer method and apparatus for collecting people and organization information from Web sitesMay, 2002Stern et al.
6377984Web crawler system using parallel queues for queing data sets having common address and concurrently downloading data associated with data set in each queue2002-04-23Najork et al.
6351755System and method for associating an extensible set of data with documents downloaded by a web crawler2002-02-26Najork et al.
20020023158Method and apparatus for implementing search and channel features in an enterprise-wide computer systemFebruary, 2002Polizzi et al.
20020019827Method and apparatus for managing documents in a centralized document repository systemFebruary, 2002Shiman et al.
20020010682Information archival and retrieval system for internetworked computersJanuary, 2002Johnson
6336123Hierarchical based hyper-text document preparing and management apparatus2002-01-01Inoue et al.
6327611Electronic document routing system2001-12-04Everingham
6321265System and method for enforcing politeness while scheduling downloads in a web crawler2001-11-20Najork et al.
20010042073METHOD AND SYSTEM FOR AUTOMATICALLY UPDATING THE VERSION OF A SET OF FILES STORED ON CONTENT SERVERSNovember, 2001Saether et al.
6301368System and method for data hiding in compressed fingerprint images2001-10-09Bolle et al.
6285999Method for node ranking in a linked database2001-09-04Page
6269370Web scan process2001-07-31Kirsch
6263364Web crawler system using plurality of parallel priority level queues having distinct associated download priority levels for prioritizing document downloading and maintaining document freshness2001-07-17Najork et al.
6263350Method and system for leasing storage2001-07-17Wollrath et al.
6243091Global history view2001-06-05Berstis
6219818Checksum-comparing change-detection tool indicating degree and location of change of internet documents2001-04-17Freivald et al.
6219652Network license authentication2001-04-17Carter et al.
6216112Method for software distribution and compensation with replenishable advertisements2001-04-10Fuller et al.
6212534System and method for facilitating collaboration in connection with generating documents among a plurality of operators using networked computer systems2001-04-03Lo et al.
6189146System and method for software licensing2001-02-13Misra et al.
6189019Computer system and computer-implemented process for presenting document connectivity2001-02-13Blumer et al.
6169976Method and apparatus for regulating the use of licensed products2001-01-02Colosso
6145084Adaptive communication system enabling dissimilar devices to exchange information over a network2000-11-07Zuili et al.
6088702Group publishing system2000-07-11Plantz et al.
6067551Computer implemented method for simultaneous multi-user editing of a document2000-05-23Brown et al.
6049804Method and apparatus for segmenting a database2000-04-11Burgess et al.
6012087Unique-change detection of dynamic web pages using history tables of signatures2000-01-04Freivald et al.
6009173Encryption and decryption method and apparatus1999-12-28Sumner
6003060Method and apparatus to share resources while processing multiple priority data flows1999-12-14Aznar et al.
5898836Change-detection tool indicating degree and location of change of internet documents by comparison of cyclic-redundancy-check(CRC) signatures1999-04-27Freivald et al.
5890177Method and apparatus for consolidating edits made by multiple editors working on multiple document copies1999-03-30Moody et al.
5890176Object-oriented document version tracking method and apparatus1999-03-30Kish et al.
5874953Database graphical user interface with outline view1999-02-23Webster et al.
5850219Method and system for electronic document approval with displayed imprint1998-12-15Kumomura
5832494Method and apparatus for indexing, searching and displaying data1998-11-03Egger et al.
5819300Document processing apparatus and method therefor1998-10-06Kohno et al.
5806078Version management system1998-09-08Hug et al.
5801702System and method for adding network links in a displayed hierarchy1998-09-01Dolan et al.
5787175Method and apparatus for collaborative document control1998-07-28Carter
RE35861Apparatus and method for comparing data groups1998-07-28Queen
5751814File encryption method1998-05-12Kafri
5745879Method and system for managing execution of licensed programs1998-04-28Wyman
5699427Method to deter document and intellectual property piracy through individualization1997-12-16Chow et al.
5673316Creation and distribution of cryptographic envelope1997-09-30Auerbach et al.
5671428Collaborative document processing system with version and comment management1997-09-23Muranaga et al.
5634062System for managing hypertext node information and link information1997-05-27Shimizu et al.
5619649Network printing system for programming a print job by selecting a job ticket identifier associated with remotely stored predefined document processing control instructions1997-04-08Kovnat et al.
5617539Multimedia collaboration system with separate data network and A/V network controlled by information transmitting on the data network1997-04-01Ludwig et al.
5608872System for allowing all remote computers to perform annotation on an image and replicating the annotated image on the respective displays of other comuters1997-03-04Schwartz et al.
5446842Object-oriented collaboration system1995-08-29Schaeffer et al.
5379374Collaborative information processing system and workstation1995-01-03Ishizaki et al.
5315504Electronic document approval system1994-05-24Lemble
5293619Method and apparatus for collaborative use of application program1994-03-08Dean
5247615Control method and system for establishing a connection among terminals forming a joint project information processing system1993-09-21Mori et al.
5245553Full-duplex video communication and document generation system1993-09-14Tanenbaum
5220657Updating local copy of shared data in a collaborative system1993-06-15Bly et al.
5072412User interface with multiple workspaces for sharing display system objects1991-12-10Henderson, Jr. et al.
5008853Representation of collaborative multi-user activities relative to shared structured data objects in a networked workstation environment1991-04-16Bly et al.
4949300Sharing word-processing functions among multiple processors1990-08-14Christenson et al.
4853961Reliable document authentication system1989-08-01Pastor
4479195Data conference system1984-10-23Herr et al.



Foreign References:
JP10177650June, 1998
JP2004265267September, 2004FACE AUTHENTICATION METHOD AND FACE AUTHENTICATION DEVICE
JP2007299364November, 2007PATTERN RECOGNITION DEVICE, PATTERN RECOGNITION METHOD, AND STORAGE MEDIUM STORING PROGRAM ATTAINING THE METHOD
KR1020010078840August, 2001
KR20040047413June, 2004METHOD FOR COMPARING 2D CAD FILE BY GRAPHIC METHOD
KR1020060048686May, 2006
KR20070049518May, 2007METHOD FOR MODIFYING A GREAT NUMBER OF POWERPOINT DOCUMENT
KR1020080029602April, 2008
WO/2000/060504October, 2000INTERNET DOCUMENT MANAGEMENT SYSTEM AND METHODS
WO-0060504October, 2000
WO/2001/052473July, 2001SECURE MANAGEMENT OF ELECTRONIC DOCUMENTS IN A NETWORKED ENVIRONMENT
WO/2010/030871March, 2010METHODS AND SYSTEMS TO IMPLEMENT FINGERPRINT LOOKUPS ACROSS REMOTE AGENTS
Other References:
International Search Report of PCT Application No. PCT/US2009/064919 dated Jul. 1, 2010, pp. 1-3.
Written Opinion PCT Application No. PCT/US2009/064919 dated Jul. 1, 2010, pp. 1-4.
Written Opinion PCT Application No. PCT/US2009/056651, Dated Apr. 21, 2010, pp. 1-5.
International Search Report of PCT Application No. PCT/US2009/056668 dated Apr. 16, 2010, pp. 1-9.
Written Opinion PCT Application No. PCT/US2009/056668 dated Apr. 16, 2010, pp. 1-4.
PC Magazine “Pure Intranets: Real-TIme Internet Collaboration”, http://www.zdnet.com/pcmag/featuresgroupware/gpwst.htm, Aug. 30, 2001, 2 pages.
Wells et al., “Groupware & Collaboration Support”, www.objs.com/survey/groupwar.htm, Aug. 30, 2001, 10 pages.
Tsai, et al., “A Document Workspace for Collaboration and Annotation based on XML Technology”, IEEE, 2000, pp. 165-172.
Roussev, et al., “Integrating XML and Object-based Programming for Distributed Collaboration”, IEEE, 2000, pp. 254-259.
XP-002257904, “Workshare Debuts Synergy”, 2003, 3 pages.
Microsoft, “Microsoft XP, Product Guide”, pp. 1-26.
International Search Report of PCT Application No. PCT/IB2002/005821, Jan. 30, 2004, 6 pages.
International Search Report of PCT Application No. PCT/US2009/051313, Mar. 3, 2010, 3 pages.
Co-pending U.S. Appl. No. 10/136,733, filed Apr. 30, 2002.
Co-pending U.S. Appl. No. 10/023,010, filed Dec. 17, 2001.
Non-Final Office Action Mailed May 7, 2008 in Co-pending U.S. Appl. No. 10/023,010, filed Dec. 17, 2001.
Weiss et al., Lightweight document matching for help-desk applications, In: Intelligent Systems and their Applications, IEEE, Vo. 15, Issue:2, pp. 57-61, ISSN 1094-7167, 2000.
International Search Report of PCT Application No. PCT/US2009/065019 dated Jun. 4, 2010, pp. 1-6.
Written Opinion PCT Application No. PCT/US2009/065019 dated Jun. 4, 2010 pp. 1-5.
Final Office Action Mailed Oct. 21, 2013, in Co-Pending U.S. Appl. No. 13/659,793 by More, S., filed Oct. 24, 2012.
Advisory Action Mailed Nov. 1, 2013, in Co-Pending U.S. Appl. No. 13/659,793 by More, S., filed Oct. 24, 2012.
Cox et al; Microsoft Office Word 2007 Step by Step; Jan. 17, 2007; Microsoft Press; pp. 283-293.
Prinz, Wolfgang, and Sabine Kolvenbach. “Support for workflows in a ministerial environment.” Computer Supported Cooperative Work: Proceedings of the 1996 ACM conference on Computer supported cooperative work, vol. 16, No. 20, 1996; pp. 2-4, 8.
Howard, Pamela O. Prototype Message Dissemination System and Document Routing System for an Army Organization. Arizona Univ Tucson, 1990; pp. 7-9.
Stephen Voida et al., Share and Share Alike: Exploring the User Interface Affordances of File Sharing, Apr. 22-27, 2006, ACM, pp. 1-10.
Dominik Grolmund et al., Cryptree: A Folder Tree Structure for Cryptographic File Systems, Oct. 2-4, 2006, IEEE, pp. 189-198.
Nathanial S. Good et al., Usability and privacy: a study of KaZaA P2P file-sharing, Apr. 5-10 2003, ACM, vol. No. 5, Issue No. 1, pp. 137-144.
M. Eric Johnson et al., The Evolution of the Peer-to-Peer File Sharing Industry and the Security Risks for Users, Jan. 7-10, 2008, IEEE, pp. 1-10.
International Search Report of PCT Application No. PCT/US2009/056651, Dated Apr. 21, 2010, pp. 1-3.
Written Opinion of PCT Application No. PCT/US2009/051313, Mar. 3, 2010, 4 pages.
Written Opinion PCT Application No. PCT/US2010/043345 dated Apr. 28, 2011, 4 pages.
Restriction Requirement Mailed Jun. 30, 2006 for U.S. Appl. No. 10/136,733, filed Apr. 30, 2002.
Notice of Allowance Mailed Oct. 24, 2008 in Co-pending U.S. Appl. No. 10/023,010, filed Dec. 17, 2001.
Non-Final Office Action mailed Dec. 6, 2012 in co-pending U.S. Appl. No. 13/306,798, filed Nov. 29, 2011.
Non-Final Office Action mailed Aug. 13, 2013 in co-pending U.S. Appl. No. 13/306,819 by Glover, R.W., filed Nov. 29, 2011.
Non-Final Office Action mailed May 17, 2013 in co-pending U.S. Appl. No. 13/306,765 by Mulder, S. P.M, filed Nov. 29, 2011.
Non-Final Office Action Mailed Mar. 20, 2006 in Co-pending U.S. Appl. No. 10/136,733, filed Apr. 30, 2002.
Non-final office action issued for U.S. Appl. No. 13/799,067 on Oct. 30, 2014.
Final Office Action mailed Aug. 16, 2013 in co-pending U.S. Appl. No. 13/306,798 of Glover, R.W., filed Nov. 29, 2011.
Notice of Allowance Mailed Jul. 8, 2013 in Co-Pending U.S. Appl. No. 12/209,082 by S. More et al., filed Sep. 11, 2008.
Notice of Allowance Mailed Oct. 2, 2012, in Co-Pending U.S. Appl. No. 12/275,185 by More, S., filed Nov. 20, 2008.
Final Office Action Mailed Feb. 1, 2013 in Co-Pending U.S. Appl. No. 12/621,429 by More, S., filed Nov. 18, 2009.
Advisory Action mailed Apr. 12, 2013, in Co-Pending U.S. Appl. No. 12/621,429 by More, S., filed Nov. 18, 2009.
Non-Final Office Action Mailed Sep. 19, 2012 in Co-Pending U.S. Appl. No. 12/844,818 by Glover, R., filed Jul. 27, 2010.
Final Office Attion Mailed Jan. 18, 2013 in Co-Pending U.S. Appl. No. 12/844,818 by Glover, R., filed Jul. 27, 2010.
Notice of Allowance Mailed Mar. 13, 2013 in Co-Pending U.S. Appl. No. 12/844,818 by Glover, R., filed Jul. 27, 2010.
Non-Final Office Action Mailed Mar. 18, 2013 in Co-Pending U.S. Appl. No. 13/659,793 by More, S., filed Oct. 24, 2012.
Non-Final Office Action Mailed Apr. 26, 2013 in Co-Pending U.S. Appl. No. 13/659,817 by More, S., filed Oct. 24, 2012.
Notice of Allowance Mailed Sep. 25, 2013, in Co-Pending U.S. Appl. No. 13/659,817 by More, S., filed Oct. 24, 2012.
Monga, et al., “Perceptual Image Hashing Via Feature Points: Performance Evaluation and Tradeoffs,” IEEE Transactions on Image Processing, vol. 15, No. 11, Nov. 2006.
Monga, “Robust Perceptual Image Hashing Using Feature Points,” http://bluecoat-02/?cfru=aHR0cDovL3NpZ25hbC51Y2UudXRleGFzLmVkdS9+dmlzaGFsL2hhc2gtcGFydEkucHM=, 2003.
Tulyakov, et al., “Symmetric Hash Functions for Fingerprint Minutiae,” International Workshop on Pattern Recognition for Crime Prevention, Security and Surveillance, Bath U.K., Oct. 2, 2005, pp. 30-38.
Xuefeng Liang; et al., “Fingerprint Matching Using Minutia Polygons,” Pattern Recognition, 2006, ICPR 2006, 18th International Conference on, vol. 1, No., pp. 1046-1049.
Sujoy Roy, et al., “Robust Hash for Detecting and Localizing Image Tampering,” Image Processing, 2007, ICIP 2007, IEEE International Conference on, vol. 6, No., pp. V1-117-V1-120, Sep. 16, 2007-Oct. 19, 2007.
Yung, et al., “Generating Robust Digital Signature for Image/Video Authentication,” Multimedia and Security Workshop at ACM Multimedia '98, Bristol, U.K., Sep. 1998.
Non-Final Office Action Mailed Aug. 1, 2012 in Co-Pending U.S. Appl. No. 12/621,429, filed Nov. 18, 2009.
Notice of Allowance Mailed Aug. 19, 2012 in Co-Pending U.S. Appl. No. 12/177,043, filed Jul. 21, 2008.
Final Office Action Mailed May 10, 2012 in Co-Pending U.S. Appl. No. 12/209,082, filed Sep. 11, 2008.
Non-Final Office Action Mailed Apr. 27, 2012 in Co-Pending U.S. Appl. No. 12/275,185, filed Nov. 20, 2008.
Notice of Allowance Mailed Jun. 26, 2012 in Co-Pending U.S. Appl. No. 12/275,185, filed Nov. 20, 2008.
Co-pending U.S. Appl. No. 13/620,364, filed Sep. 14, 2012.
Co-Pending U.S. Appl. No. 13/659,793, filed Oct. 24, 2012.
Co-Pending U.S. Appl. No. 13/659,817, filed Oct. 24, 2012.
Co-pending U.S. Appl. No. 12/621,429, filed Nov. 18, 2009.
Co-pending U.S. Appl. No. 12/177,043, filed Jul. 21, 2008.
Co-pending U.S. Appl. No. 12/209,082, filed Sep. 11, 2008.
Co-pending U.S. Appl. No. 12/275,185, filed Nov. 20, 2008.
Co-pending U.S. Appl. No. 12/844,818, filed Jul. 27, 2010.
Final Office Action Mailed Apr. 17, 2007 for U.S. Appl. No. 10/023,010, filed Dec. 17, 2001, Issued U.S. Pat. No. 7,496,841.
International Search Report of PCT Application No. PCT/US2010/043345, Apr. 28, 2011, 3 pages.
Non-Final Office Action Mailed Mar. 16, 2006 for U.S. Appl. No. 10/023,010, filed Dec. 17, 2001, Issued U.S. Pat. No. 7,496,841.
Non-Final Office Action Mailed Sep. 19, 2011 for U.S. Appl. No. 12/177,043, filed Jul. 21, 2008.
Restriction Requirement Mailed Feb. 14, 2005 for U.S. Appl. No. 10/023,010, filed Dec. 17, 2001, Issued U.S. Pat. No. 7,496,841.
Restriction Requirement Mailed Feb. 5, 2008 for U.S. Appl. No. 10/023,010, filed Dec. 17, 2001, Issued U.S. Pat. No. 7,496,841.
Non-Final Office Action Mailed Dec. 22, 2011 in Co-Pending U.S. Appl. No. 12/209,082.
Non-Final Office Action Mailed Jan. 9, 2012 in Co-Pending U.S. Appl. No. 12/177,043, filed Jul. 21, 2008.
Primary Examiner:
Ravetti, Dante
Attorney, Agent or Firm:
Sabety, Ted
Sabety + associates, PLLC
Claims:
We claim:

1. A computer implemented method for protecting an organization's secure information from unauthorized disclosure outside of an organization's protected computer environment, said environment comprised of at least one computing device, using at least one instances of a protect agent installed and operating on the at least one computing devices, the computer implemented method comprising: monitoring, by the at least one protect agents operating on the at least one computing devices, the activity of each of an at least one computing device egress points; determining, by the at least one protect agent operating on the at least one computing device, an attempt by the computing device to transmit a data file outside the monitored organization's protected computer environment using one of the at least one egress points; based on a determination, by the protect agent operating on the computing device, of an attempt by the computing device to transmit the data file outside the monitored organization's protected computer environment, transmitting the data file to a fingerprint server prior to the data file being transmitted to the determined destination outside of the organization's protected computer environment; receiving, by the fingerprint server, the data file transmitted by the protect agent operating on the computing device; converting, by the fingerprint server, a portion of the information contained in the transmitted data file to at least one fingerprints representative of the information contained in the data file; determining, by the fingerprint server, whether the at least one fingerprint matches at least one of a plurality of preexisting fingerprints residing in a database of fingerprints accessible to the fingerprint server; based on a determination, of a match, selecting a security action associated with the matched fingerprint; and transmitting, by the fingerprint server, to the protect agent operating on the computing device, a data representing the security action selected by the fingerprint server.

2. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein the one of the at least one egress points is a printer.

3. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein the one of the at least one egress points is a removable data storage medium.

4. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein the one of the at least one egress points is an email server connected to the network.

5. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein the one of the at least one egress points is a print server connected to the network.

6. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein the one of the at least one egress points is a network appliance connected to the network.

7. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein the one of the at least one egress points is a data object residing in the computing device, said data object representing a portion of a document file selected by the user using a clipboard associated with a local operating system.

8. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, further comprising: adding to the data file, by the protect agent, data comprising the data representing the security action.

9. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 8, further comprising: encrypting the data file prior to the transmission to the fingerprint server.

10. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein the environment includes a local network associated with the organization.

11. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 10, wherein the network includes a public internet.

12. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 11, wherein the fingerprint server is hosted and maintained by a hosted fingerprint service provider.

13. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 11, wherein the network further includes a public internet.

14. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, the computer implemented method further comprising: maintaining a plurality of fingerprint servers, wherein each of the plurality of the fingerprint servers includes the database of preexisting fingerprints.

15. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 14, wherein the plurality of fingerprint servers are connected to the network.

16. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 14, further comprising: selecting the fingerprint server to receive the data file in dependence on a load distribution.

17. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 14, wherein one or more of the plurality of fingerprint servers are located in geographically diverse locations.

18. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, wherein communication between the protect agent and the fingerprint server is by means of web service calls.

19. A computer implemented method for protecting an organization's secure information from unauthorized disclosure as recited in claim 1, further comprising: storing in memory on the computing device operating the protect agent at least one of the preexisting fingerprints and associated security actions, wherein the protect agent converts the data file to a fingerprint and attempts to match the converted fingerprint against the at least one preexisting fingerprints stored in memory, and in dependence on a match, selecting a security action associated with the matched preexisting fingerprint and not executing the transmitting step to the fingerprint server.

20. A computer implemented system for protecting an organization's secure information from unauthorized disclosure, the computer implemented system comprising: an at least one processor within a corresponding an at least one computing device; an at least one corresponding non-transitory memory in the corresponding at least one processors storing code which, when executed by the at least one processor on the at least one computing device, causes the at least one processor on the computing device to perform the steps of: monitoring the activity of each of an at least one computing system device egress points; determining an attempt by the at least one computing device to transmit a data file outside at least one of the egress points; based on a determination of an attempt by the computing device to transmit the data file outside the at least one egress points, transmitting the data file to a fingerprint server prior to the data file being transmitted outside the at least one egress points; a processor on a fingerprint server; a non-transitory memory comprising the fingerprint server for storing code which, when executed by the processor on the fingerprint server, causes the processor on the fingerprint server to perform the steps of: receiving the data file transmitted by the protect agent operating on the computing device; converting a portion of the information contained in the transmitted data file to at least one fingerprints representative of the information contained in the data file; determining whether the at least one fingerprint matches at least one of a plurality of preexisting fingerprints residing in a database of fingerprints accessible to the fingerprint server; based on a determination of a match, selecting a security action; and transmitting to the protect agent operating on the computing device, a data representing the security action selected by the fingerprint server.

21. A computer implemented system for protecting an organization's secure information from unauthorized disclosure as recited in claim 20, wherein the one of the at least one egress points is at least one of: a printer; a removable data storage medium; a clipboard associated with a local operating system; an email server connected to the network; a print server connected to the network; or a network appliance connected to the network.

22. A computer implemented system for protecting an organization's secure information from unauthorized disclosure as recited in claim 20, wherein the security action is comprised of encrypting the digital data prior to transmission to the fingerprint server.

23. A computer implemented system for protecting an organization's secure information from unauthorized disclosure as recited in claim 20, wherein the network includes a local network.

24. A computer implemented system for protecting an organization's secure information from unauthorized disclosure as recited in claim 23, wherein the network further includes a public internet.

25. The method of claim 1 where: there is no step of transmitting the data file to the fingerprint server and instead there is the step of transmitting to the fingerprint server a fingerprint derived from the data that is generated on the computing device; and there is no step of receiving by the fingerprint server the data file nor the step of converting on the fingerprint server the data file into the fingerprint and instead the receiving by the fingerprint server step is the step of receiving by the fingerprint server the transmitted fingerprint.

26. The system of claim 20 where there is no step of transmitting the data file to the fingerprint server and instead there is the step of transmitting to the fingerprint server a fingerprint derived from the data that is generated on the computing device; and there is no step of receiving by the fingerprint server the data file nor the step of converting on the fingerprint server the data file into the fingerprint and instead the receiving by the fingerprint server step is the step of receiving by the fingerprint server the transmitted fingerprint.

Description:

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is related to U.S. application Ser. No. 12/177,043 filed Jul. 21, 2008, which is incorporated by reference as if fully set forth herein. This application is also related to applicants' co-pending application filed Sep. 11, 2008 entitled “Methods And Systems For Protect Agents Using Distributed Lightweight Fingerprints,”.

FIELD OF INVENTION

The present invention relates to information security and more specifically it relates to systems and methods for detecting and preventing unauthorized disclosure of secure information. Furthermore, the present invention pertains to implementing fingerprint lookups across remote agents connected to a network.

BACKGROUND OF THE INVENTION

With the rapid increase and advances in digital documentation services and document management systems, organizations are increasingly storing important, confidential, and secure information in the form of digital documents. Unauthorized dissemination of this information, either by accident or by wanton means, presents serious security risks to these organizations. Therefore, it is imperative for the organizations to protect such secure information and detect and react to any secure information (or derivatives thereof) from being disclosed beyond the perimeters of the organization.

Additionally, the organizations face the challenge of categorizing and maintaining the large corpus of digital information across potentially thousands of data stores, content management systems, end-user desktops, etc. One solution to this challenge is to generate fingerprints from all of the digital information that the organization seeks to protect. These fingerprints tersely and securely represent the organization's secure data, and can be maintained in a database for later verification against the information that a user desires to disclose. When the user wishes to disclose any information outside of the organization, fingerprints are generated for the user's information, and these fingerprints are compared against the fingerprints stored in the fingerprint database. If the fingerprints of the user's information matches with fingerprints contained in the fingerprint server, suitable security actions are performed.

However, the user has at his disposal myriad options to disclose the information outside of the organization's protected environment. For example, the user could copy the digital information from his computer to a removable storage medium (e.g., a floppy drive, a USB storage device, etc.), or the user could email the information from his computer through the organization's email server, or the user could print out the information by sending a print request through the organization's print server, etc. Therefore, it is imperative to monitor the user's activity through each of these egress points.

In order to effectively protect the organization's secure information, the information that is transmitted through any of the organization's egress points needs to be converted to fingerprints and compared against the fingerprints contained in the organization's fingerprint database. One way of achieving this would be by replicating and maintaining a plurality of fingerprint database at the locations containing egress points (e.g., at the print server, at the email server, at the user's desktop computer, etc.). This can be achieved by means of database replication, agent polling, diff sync pushes from a central fingerprint server, etc.

However, most organizations have several desktop computers and maintain arrays of systems that represent a large number of egress points. With the increase in the number of egress points, the number of individual fingerprint databases that need to be created, maintained, and refreshed periodically becomes prohibitively large. In addition, the fingerprints in the fingerprint database may also contain additional metadata (e.g., to indicate the location of the fingerprint within a document, to indicate the origin information of the document, etc.), further increasing the size of the individual fingerprint databases, thus further exacerbating the cost and difficulties associated with maintaining a plethora of individual fingerprint databases.

Other solutions exist in the prior art to protect digital information in such porous environments. These solutions include encrypting the files, or applying digital rights management or watermarks directly to the files. These solutions do not typically employ the method of fingerprint lookups, and therefore do not require fingerprint databases to be maintained. However, they present other disadvantages. For example, the digital information itself needs to be converted, and unprotected versions of the information needs to be identified and managed (or destroyed) to ensure the security of the information. Additionally, the presence of the watermarking or the digital rights management information does not preclude the information from being disclosed outside of the organization. In most cases, the watermarks only serve as a security awareness or deterrent feature and do not actually prevent the information from being disclosed.

SUMMARY OF THE INVENTION

Methods and systems to provide efficient means to monitor and protect an organization's secure information using remote agent lookups is provided. In one embodiment, the present invention provides methods and systems to implement a protect agent across various egress points of an organization's computing environment. Examples of egress points include a printer or a removable storage device (e.g., a USB flash memory drive, CD drive, etc.) connected to a user's desktop computer through which the user could potentially transmit secure information outside of the organization's protected environment. The protect agents monitor activity across all egress points, and receive any information that a user intends to disclose through the egress points.

In one embodiment, the protect agents generate fingerprints from the received user information and transmit that information to a fingerprint server to do fingerprint lookups. The fingerprint server contains at least one copy of a registered fingerprint database. The registered fingerprint database comprises registered fingerprints generated from all of the organization's secure information. The fingerprint server and the protect agents communicate through a network to which they are connected. The network could either be a local network specific to the organization or could be the public internet. The network could also be a combination of the local network and the public internet.

In one embodiment, the fingerprint server receives client fingerprints transmitted by the protect agents. The fingerprint server does a lookup of the client fingerprints by comparing the client fingerprints against the registered fingerprints contained in the registered fingerprint database. The fingerprint server reports the results of the lookup by communicating the results of the comparison back to the protect agent that transmitted the client fingerprints. In one embodiment, the protect agent then initiates one or more security actions based on the results of the lookup.

An important feature of the present invention is that the registered fingerprints are maintained at a remote location (e.g., at the fingerprint servers connected to the network). This obviates the need to maintain numerous redundant copies of the registered fingerprints locally at the location of every protect agent. Maintaining remote central copies of the registered fingerprints also allows the registered fingerprint database to be updated and version controlled more efficiently.

BRIEF DESCRIPTION OF DRAWINGS

These and other objects, features and characteristics of the present invention will become more apparent to those skilled in the art from a study of the following detailed description in conjunction with the appended claims and drawings, all of which form a part of this specification. In the drawings:

FIG. 1 illustrates an overall embodiment of a remote agent fingerprint lookup system;

FIG. 2 is a flowchart depicting one embodiment of a method to achieve fingerprinting across remote agents;

FIG. 3 is a flowchart illustrating a method to use remote agent lookups for the purpose of taking appropriate security actions; and

FIG. 4 is a flowchart depicting an embodiment of a combined remote agent lookup method, where a combination of a local network and the public internet is utilized for remote lookups.

DETAILED DESCRIPTION OF THE INVENTION

The present invention may be embodied in several forms and manners. The description provided below and the drawings show exemplary embodiments of the invention. Those of skill in the art will appreciate that the invention may be embodied in other forms and manners not shown below. It is understood that the use of relational terms, if any, such as first, second, top and bottom, and the like are used solely for distinguishing one entity or action from another, without necessarily requiring or implying any such actual relationship or order between such entities or actions.

FIG. 1 shows one example of an overall setup to implement remote agent lookups. One of the means by which a user can disclose digital information outside of the organization's perimeter is by disclosing the information through his computer system 110. Examples of such a computer system include a desktop computer, a laptop, a PDA or any such device that allows a user to access the organization's information. In one embodiment, the computing system 110 is connected to a network 125. Here, the computing system 110 comprises the desktop/laptop computer 111 through which the user accesses the organization's secure information. The user would be able to transfer information outside of the organization by transferring the information to any medium connected to the computer.

Such points at which information can be transferred outside of the organization's protected environment are called egress points. Examples of transferring data at egress points include copying the information from the computer to a CD disk 112 or any other optical storage medium, copying the information to a floppy drive 113 or any other tape medium, copying the information to a USB key 114 or other flash based storage medium, transferring the information by printing the information using a printer 115, copying information to the clipboard 115a of the local operating system, etc. In such an event, all the information that is transmitted through the computer 111 needs to be monitored to ensure that secure or sensitive information does not get transferred.

To achieve this purpose, the various egress points of the computer 111 are monitored to detect any activity that purports to disclose information through the egress points. A software agent, called the protect agent 116, is run on the computer 111 to monitor activity at the egress points (112, 113, 114, 115, 115a) associated with the computer 111. If the organization supports more than one computer system, each of these computer systems (110, 116, 117, 118) have protect agents installed on them to ensure that the activity on each of the computer systems is monitored. In one embodiment, the protect agent 116 is a set of computer instructions or a computer implemented program available on a memory location (e.g., on a magnetic tape drive, a flash memory drive, etc.) at the site of the protect agent 116.

In addition to being installed in every computer system (110, 116, 117, 118) in the network, the protect agents are also installed on other vulnerable egress points across the organization. One example of such a vulnerable egress point includes one or more email server systems 118 connected to the network. The email server 119 handles and routes the emails sent out and received by the organization. The protect agent 120 installed on the email server 119 monitors the emails desired to be sent out of the organization through the email server. Another example of a vulnerable egress point could be a print server 121 connected to the organization's network. A protect agent 123 connected to the print server 122 monitors print jobs sent by the users to the printers connected to the network.

Additional examples of vulnerable egress points include network appliance systems 126. Here, a protect agent 128 is installed in each network appliance 127 to ensure that information disclosed through a particular network appliance 127 is monitored. Examples of using network appliances 126 to transfer data include sharing of data over a network share medium, data transferred at the socket or TCP layer of the network, etc. It is understood that in addition to these examples, the egress points also include other porous environments through which information can be disclosed by the user beyond the secure environment of the organization.

The computer systems and all other systems representing egress points (the egress point systems) are centrally connected to a network 125. In one embodiment, the network includes a local network. This includes a network that is managed and maintained locally by the organization. In another embodiment, the network could also be the internet. In the case of the internet, each of the egress point systems could be directly and individually connected to the internet, or could be connected to a local network or a cluster of local networks, with each of the local networks communicating with each other through the internet. Other combinations of the egress point systems within the local network and the internet are possible and such combinations will be apparent to a person of skill in the art.

In the case of the public internet, the protect agents transmit fingerprint lookup requests to a hosted fingerprint server. A hosted fingerprint server is similar to the fingerprint server connected to a local network in that it contains at least one copy of the database of registered fingerprints (corresponding to the secure information of an organization). However, the difference is that the hosted fingerprint server is publicly accessible over the internet. One advantage of using a hosted fingerprint server is that an organization does not have to deploy and manage one or more server appliances within its networks. Some small organizations may not even have infrastructure to maintain a network and host a fingerprint server, but may still require their secure information to be protected. In such cases, the support and manageability of the fingerprint server can be done by even a third party provider who provides the service of a hosted fingerprint server.

A hosted fingerprint service enables protect agents to behave consistently in mobile environments, with the same fingerprint lookups happening inside and outside of the organization. For example, a laptop user can be blocked from emailing confidential files while using a wireless internet connection in a café. In this case, the protect agent can still communicate with the publicly accessible hosted fingerprint service. A provider offering a hosted fingerprint service can also support multi-tenancy services, whereby the provider shares the hosted fingerprint server's resources across different organizations and cutting down on costs. In one embodiment, this would allow fingerprint databases for multiple organizations to reside on the same server.

FIG. 1 illustrates a plurality of fingerprint servers (131-135) connected to the network. In one embodiment, the protect agent located at each of the egress points collect the information that the user intends to disclose and transmit such information to the fingerprint server domain 140. One embodiment of the fingerprint server domain 140 includes one or more fingerprint servers directly connected to the network (not shown in FIG. 1), such that it directly receives the information transmitted by each protect agent. In another embodiment, one or more fingerprint servers (131-135) are connected to a fingerprint server router 130, such that more protect agents can be served with improved efficiency and reduced latency. The fingerprint server router 130 is connected to the network and serves as the gatekeeper for all the information received from the various protect agents through the network 125.

One of the functions of the fingerprint server router 130 is to collect performance and logistics information from each of the fingerprint servers and route any information received from the protect agents to the fingerprint server that is least busy. In one embodiment, the fingerprint servers could be located at different geographical locations (not shown in FIG. 1) and connect to the fingerprint server router 130 through the network. This distributed model would allow organizations to run protect agents with minimal performance lag across geographically diverse locations, such that information from the protect agents are routed to the most optimal fingerprint server.

Regardless of whether a single fingerprint server is used or a suite of fingerprint servers are used, every fingerprint server contains at least one fingerprint database. The fingerprint data base is a repository of fingerprints representing the secure information that the organization intends to protect. In one embodiment, the fingerprint server router 130 is responsible for keeping the redundant fingerprint databases in every fingerprint server up to date. It should be noted that the fingerprint server router is not imperative to maintaining a distributed fingerprint server array. Any other means known in the art through which a distributed network can be achieved can be employed in the place of the fingerprint server router 130. More information on fingerprints and the generation of fingerprints is provided further below.

FIG. 2 is a flowchart depicting one embodiment of a method to achieve fingerprinting across remote agents. In this method, a protect agent is first installed 210 at the location of the various egress points. As discussed above, some examples of where the protect agent could be installed include a desktop computer, a print server, an email server, etc. In one embodiment, the protect agent is a set of instructions or software modules copied to a physical memory on the egress point location. Examples of the physical memory include magnetic tapes, optical disks, flash memory devices, etc. Once the protect agent is installed at a particular egress point location, it monitors all the activity at that particular egress point. For example, a protect agent installed on a desktop computer would monitor all print jobs sent by the user to a printer directly attached to the desktop computer. In the course of monitoring the activity at egress points, the protect agent receives the information 215 that the user intends to disclose through one of the egress points.

The protect agent then transmits the user input information to the fingerprint server connected to the network. The protect agent transmits this information through the network. In one embodiment, the mechanism through which the protect agent and the fingerprint server communicate includes web service calls. Using the web service call standard or a similar standard (as understood by people skilled in the art) allows interoperability between different operating systems and computer language environments. These standards also allow the fingerprint lookups to operate as a service that can be published and integrated with third-parties. As indicated above, the network could either be a local network maintained by the organization, or could be the public internet, or a combination of the local network and the public internet.

The information transmitted by the protect agent to the fingerprint server could be in several formats. In one embodiment, the protect agent directly transmits the digital information 220 that the user intends to disclose. Examples of such digital information include text files, audio files, video files, etc. These examples also include other forms of data, such as software code, design data (e.g., VLSI or CAD design files), or any other digital form of data that an organization wishes to protect. In such cases, the protect agent transmits the information as-is, or encrypts the files before transmission to ensure the security of the transmitted information. The encryption can be done with any of the standard encryption algorithms known to people skilled in the art.

In another embodiment, the protect agent converts the information received from the user to a raw text format 225 before transmission to the fingerprint server. One advantage of converting the files to raw text is that it decreases the size of the file being sent over, thus reducing network congestion and file lookup latency. Additionally, processing the files at the site of the protect agents relieves the fingerprint server of some of the computational burden from handling the user input information received from all protect agents. The protect agents may additionally encrypt the raw text before transmission. There are several methods widely known in the field of art to convert a digital file to raw text. One such method is described in the U.S. application Ser. No. 12/177,043, describing how a digital text file can be converted to raw text.

In one other embodiment, the protect agent converts the digital information to fingerprints 230 before transmission to the fingerprint server. Fingerprinting the information helps achieve a file size reduction, thus ensuring the advantages of reducing network congestion and lookup latency. The fingerprint servers are also freed up from the task of generating fingerprints, and therefore are relieved from the computational burden imposed by the several protect agents they communicate with. Additionally, because the fingerprints inherently add security to the information being transmitted, this method obviates the need for additional encryption of the transmitted files. There are several methods widely known in the field of art to generate fingerprints from digital information. One such method is described in the U.S. application Ser. No. 12/177,043, providing how fingerprints are generated from digital text information.

The fingerprint server receives the information transmitted by the protect agent. If the information received is not in the form of fingerprints, the fingerprint server generates the fingerprints after receiving the information from the protect agent. Otherwise, the received fingerprints are used as-is. The fingerprint server, as discussed above, contains a database of fingerprints that represent the secure information for a particular organization. The fingerprint server is primarily a computer capable of performing arithmetic and logic operations. The fingerprint server compares the fingerprints associated with the user input information (the client fingerprints) with the fingerprints contained in the fingerprint server 235. Based on the results of the comparison, the fingerprint server generates a comparison analysis and transmits this analysis back to the protect agent 240. The fingerprint server contains a set of instructions or suitable software available in one of its memory locations to perform the comparison analysis. After completing the comparison analysis, the fingerprint server transmits the data to the protect agent utilizing the network.

FIG. 3 is a flowchart depicting another embodiment of a method to achieve fingerprinting across remote agents. Here, protect agents are first installed at various egress point locations 310. The protect agents residing at the location of the egress points receive the information a user intends to disclose through those particular egress points 315. In one embodiment, the protect agent generates fingerprints from information that the user desires to disclose 315. After generating the fingerprints, the protect agent transmits the fingerprints to the fingerprint server, utilizing the network 330. The network, as discussed above, could either be a local network 335 or the public internet 340.

The fingerprint server is at a location remote from the protect agents. This fingerprint server contains a database of registered fingerprints 325. The registered fingerprints represent the secure digital information of a particular organization. The fingerprint server receives the fingerprints transmitted by the protect agents (the client fingerprints), and compares the received fingerprints with the registered fingerprints 345. The fingerprint server then transmits the results of the comparison back to the protect agent. If the protect agent receives information that one or more client fingerprints match the registered fingerprints, it takes an appropriate security action 350. Some examples of the security action include preventing the information from being transmitted out through the associated egress point, sending out a security alert to a system administrator, revoking the user's access to the particular information, alerting the user of the security violation, etc. The security actions may also include integration with third party software to offer security solutions (e.g., integration with Microsoft Windows® RMS to apply rights management to the information being disclosed). It is understood that these examples of security actions are used for illustrative purposes only, and that other security actions known to people skilled in the art are equally applicable here.

FIG. 4 is a flowchart depicting an embodiment of a combined network, where a combination of a local network and the public internet is utilized by the remote protect agents. Here, the protect agents are installed at every egress point at the client side 410. The protect agents monitor activity on the client, and receive information that a user intends to disclose outside of the organization through one of the egress points 415. In one embodiment, the protect agents generate fingerprints from the digital information input by the user 420. Redundant copies of the fingerprint database are maintained on several fingerprint serves such that at least one fingerprint server is connected to the local network 455, 450, and at least one fingerprint server is available as a hosted service connected to the internet 430, 435.

In one implementation of the embodiment, the protect agent determines whether the client is connected to a local network 425. If the protect agent determines that the client is connected to the local network, it transmits the fingerprints to the fingerprint server connected to the local network. The fingerprint server connected to the local network compares the fingerprints received from the client against the registered fingerprints contained in the fingerprint server 445. On the other hand, if the protect agent determines that the client is not connected to the local network (e.g., when the user uses his laptop computer from a public café), the fingerprints corresponding to information he attempts to disclose are transmitted to the hosted fingerprint server connected to the internet. This hosted fingerprint server compares the client fingerprints against the registered fingerprints to determine if there are any matches 445. If a match is detected by either fingerprint server, a suitable security action is taken 460.

The systems explained above and associated embodiments relate to apparatus for performing the operations herein. This apparatus may be specially constructed for the required purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, or any type of media suitable for storing electronic instructions, each coupled to a computer system.

The algorithms and software presented herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct more specialized apparatus to perform the required method steps. The required structure for a variety of these systems will appear from other portions of this description. In addition, the present invention is not described with reference to any particular programming language, and various embodiments may thus be implemented using a variety of programming languages.

In addition to the above mentioned examples, various other modifications and alterations of the invention may be made without departing from the invention. Accordingly, the above disclosure is not to be considered as limiting and the appended claims are to be interpreted as encompassing the true spirit and the entire scope of the invention.